Age | Commit message (Collapse) | Author |
|
util: T5074: Fixed decoding of certificate value to UTF-8 string
|
|
Fixed decoding of certificate value returned by vici
to UTF-8 string.
|
|
|
|
qos: T5018: Fix issues between QoS and interface mirror/redirect
|
|
This will check if mirror/redirect is present on a QoS interface and use `vyos.configdep` module to update the interface again after QoS is applied.
|
|
|
|
T5073: IPoE-server fix parse empty range option
|
|
T5063: IPoE-server ethX vlan must not be used with client-subnet
|
|
IPoE-server 'interface ethX vlan xxx' (aka vlan-mon) must not be
used with 'interface ethX client-subnet'
So instead of shared pool accel-ppp uses the same pool for each
dynamically added VLAN
eth1 client-subnet '192.0.2.0/24'
eth1 vlan '2000-2021'
It cause this issue:
eth1.2000 range 192.0.2.0/24 (the first client gets address from 192.0.2.2)
eth2.2001 range 192.0.2.0/24 (the first client gets address from 192.0.2.2)
Only named pools with vlan option must be used.
|
|
If the 'client-subnet' is not used we must exclude it
from the ipoe.config.j2 template.
Otherwise we get wrong empty parameter ',range=,'
|
|
T5066: Fix GRE tunnel variable name which checks keys
|
|
|
|
Lift the amount of allowed open file descriptors for the FRR process tree.
Required if there are hundreds to thousands interfaces on a system.
|
|
op-mode: T5051: use Literal types to provide op-mode CLI choices and API enums
|
|
T5057: Fix IPoE regex Jinja2 for interface
|
|
T5058: Extend template filter range_to_regex to allow list as arg
|
|
Fix incorrect regex '\d+' when used vlan ranges
For example 'ipoe-server interface eth1 vlan 2000-3000'
- replace 'interface=re:eth1\.\d+'
=> 'interface=re:^eth1\.(200\d|20[1-9]\d|2[1-9]\d{2}|3000)$'
|
|
Extend template filter 'range_to_regex'
Allow list of ranges as argument
% range_to_regex(['11-12', '14-15'])
'(1[1-2]|1[4-5])'
|
|
T5056: Fix IPoE server template for vlan-mon
|
|
After rewriting IPoE server for config.dict the ipoe.config.j2
template wasn't changed for 'vlan-mon' section
Fix it
|
|
Not all interfaces have valid entries in the speed file. PPPoE interfaces have
the appropriate speed file, but you can not read it:
cat: /sys/class/net/pppoe7/speed: Invalid argument
|
|
|
|
|
|
|
|
graphql: T5040: generate schema on installation, rather than dynamically
|
|
|
|
ipsec: T4916: Fixed migrations script
|
|
* removed unused `re` from imports
* replaced `return_value()` to `return_values()` for `remote-address`
because this is a multi-value configuration node
|
|
login: T5039: catch error on 'my_set' for auth plaintext-password
|
|
login: T5039: Support hashing rounds in `encrypted-password` values
|
|
|
|
Since glibc 2.7, the SHA-256 and SHA-512 implementations support
a user-supplied number of hashing rounds, defaulting to 5000. If
the "$id$" characters in the salt are followed by "rounds=xxx$",
where xxx is an integer, then the result has the form
$id$rounds=yyy$salt$encrypted
where yyy is the number of hashing rounds actually used. The
number of rounds actually used is 1000 if xxx is less than 1000,
999999999 if xxx is greater than 999999999, and is equal to xxx
otherwise.
|
|
|
|
Since 'key' field is no longer required, a missing key will register an
error in the resolver, instead of being rejected as bad request.
|
|
|
|
For type introspection of op-mode scripts, scripts are loaded as
modules. For generation of schema from type introspection, it is useful
to load scripts during package installation, hence to fail gracefully if
not on live system.
|
|
Schema had been dynamically generated, based on configuration setting
for authentication. Add nullable field 'key' for static generation of
schema regardless of key/token use.
|
|
policy: T5035: Add more actions to policy route rule
|
|
|
|
|
|
T5037: Firewall: Add queue action and options to firewall
|
|
T4967: Allow setting container hostname
|
|
Ability setting container hostname
This host name is used as /etc/hostname
set container name <tag> host-name 'mybox'
|
|
|
|
|
|
T4977: Add Babel routing protocol support
|
|
container: T4014: Add `command`, `arg` and `entrypoint` configuration options for containers
|
|
T5033: Ability to generate muliple keys from a file or link
|
|
openvpn: T4770: fix tabulate output in _format_openvpn
|
|
|